Hi, I'm always worried when new built applications require the users' passwords. It should be your *ultimate last option*. Do you really need that ? In that case, there is a mechanism in CAS to retrieve passwords, it's ClearPass : https://wiki.jasig.org/display/CASUM/ClearPass. Best regards, Jérôme
2013/7/25 Rohit Kotecha <[email protected]> > Hi Team,**** > > ** ** > > I have successfully integrated CAS 3.5.2 with my spring base web > application.**** > > ** ** > > now I want user password after authentication in my spring application, I > know it's not good/right way to get/pass password from CAS server to client > application.**** > > ** ** > > I tried using below way but not succeed.**** > > ** ** > > I have below in my casServiceValidation.jsp.**** > > ** ** > > <cas:serviceResponse xmlns:cas=*'http://www.yale.edu/tp/cas'*>**** > > <cas:authenticationSuccess>**** > > <cas:user> > ${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1]. > principal.id)}</cas:user>**** > > <cas:attributes>**** > > ** ** > > <c:forEach var=*"attr"* items=" > ${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes} > ">**** > > <cas:${*fn:escapeXml*(attr.key)}> > ${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>**** > > </c:forEach>**** > > ** ** > > </cas:attributes>**** > > ** ** > > <c:if test="${*not empty *pgtIou}">**** > > <cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>** > ** > > </c:if>**** > > <c:if test="${fn:length(assertion.chainedAuthentications) > 1}">**** > > <cas:proxies>**** > > <c:forEach var=*"proxy"* items="${assertion.chainedAuthentications}" > varStatus=*"loopStatus"* begin=*"0"* end=" > ${fn:length(assertion.chainedAuthentications)-2}" step=*"1"*>**** > > <cas:proxy>${fn:escapeXml(proxy.principal.id)}</ > cas:proxy>**** > > </c:forEach>**** > > </cas:proxies>**** > > </c:if>**** > > </cas:authenticationSuccess>**** > > </cas:serviceResponse>**** > > ** ** > > and in deployconfigContext.xml I have changed attributeRepository bean as > below .**** > > where *user_header is my db user table.* > > ** ** > > ** ** > > <bean id=*"attributeRepository"* class=* > "org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao" > *>**** > > <constructor-arg index=*"0"* ref=*"dataSource"*/>**** > > <constructor-arg index=*"1"* value=*"select * from user_header > where {0}"* />**** > > <property name=*"queryAttributeMapping"*>**** > > <map>**** > > <entry key=*"User_Email"* value=*"User_Email"* />**** > > </map>**** > > </property> **** > > <property name=*"resultAttributeMapping"*>**** > > <map>**** > > <entry key=*"User_Email"* value=*"User_Email"*/> > **** > > <entry key=*"User_Password"* value=*"User_Password"*/>** > ** > > </map>**** > > </property>**** > > </bean>**** > > ** ** > > Any help will be greatly appreciated.**** > > ** ** > > Thanks and Regards,**** > > Rohit Kotecha**** > > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -**************Nihilent*************** > " *** All information contained in this communication is confidential, > proprietary, privileged > and is intended for the addressees only. If youhave received this E-mail in > error please notify > mail administrator by telephone on +91-20-39846100 or E-mail the sender by > replying to > this message, and then delete this E-mail and other copies of it from your > computer system. > Any unauthorized dissemination,publication, transfer or use of the contents > of this communication, > with or without modifications is punishable under the relevant law. > > Nihilent has scanned this mail with current virus checking technologies. > However, Nihilent makes no > representations or warranties to the effect that this communication is > virus-free. > > Nihilent reserves the right to monitor all E-mail communications through its > Corporate Network. *** " > > *************************************************************************- > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
